<?php 
	class WS_LoginMod {
		
		private $_DB;
		
		public function __construct() {

			$this->_DB 	= new ConfigDB();

		}
		
		
		public function login($str_username, $str_password) {

			$username = escapestring($str_username);

			$password = escapestring($str_password);
/*
			$query = $this->_DB->selectDB2("SELECT `user_idPK`,
												   `account_no`,
												   `first_name`,
												   `last_name`,
												   `middle_name`,
												   `account_type`,
												   `is_deleted`
											FROM `tbl_users_account`
											WHERE (`log_user` = '".$username."' OR `account_no` = '".$username."')
												  AND
												   `log_pass` = '".md5($password)."'");*/
												   
												   
			$query = $this->_DB->selectDB2("SELECT * FROM ((SELECT	`user_idPK`,
																	`account_no`,
																	`first_name`,
																	`last_name`,
																	`middle_name`,
																	`account_type`,
																	`is_deleted`
															  FROM `tbl_users_account`
															  WHERE (`log_user` = '" . $username  ."' OR `account_no` = '" . $username . "') AND `log_pass` = '" . md5($password) . "')
													UNION
															(SELECT  `stud_idPK`     AS `user_idPK`,
																	`stud_no`       AS `account_no`,
																	`first_name`,
																	`last_name`,
																	`middle_name`,
																	'S' AS account_type,
																	`is_deleted`
																	FROM `tbl_students`
																	WHERE (`log_user` = '" . $username . "' OR `stud_no` = '" . $username . "') AND `log_pass` = '" . md5($password) . "' AND `is_deleted` = 'N' and `is_active` = 'Y')) AS tbl LIMIT 1");
												   

			if ( !empty($query) ) {

				return $query;

			} else return n_record();

		}
		
	}
?>